
I have a similar story of accessing an internal JSON API for my own benefit.

I left my AirPods in a car I rented using Zipcar. I spoke to support etc. but nothing had been handed in. I checked to see if the car was still where I left it so that I could re-hire and claim them, but it had been moved.

The app tells you the 'name' of the car you rented, which is used as an identifier. It also shows a map of where all available cars are. I sniffed the requests the app made to display this map, and was able to filter it by the car name. From this I was able to locate where the car I left my AirPods in was. Was able to head there, unlock the car, and to my amazement the AirPods were still there!




That's amazing!



